1. What is MeSince Certificate Database (CerDB)?

+

What make it possible that MeSince can send encrypted email without exchanging public keys at first is that, MeSince maintains an encrypting certificate public key certificate database. When entering a recipient's email address, MeSince automatically search in the Database for its public key. Users don't need to exchange their public keys before-hand, or even care about what a public key is. They just send an email as they normally do.

MeSince Certificate Database, as what we call it "CerDB", is open for all global Internet users. Users can look for a public key in it and also, submit theirs into it. Gradually, other software, other email clients, users won't have to exchange their public keys either, because they can take advantage for this Database. This will facilitate the development and popularization of "S/MIME only" and thoroughly protect security of privacy for all Internet users.

2. Why Internet Service Providers should send encrypted email to its customers?

+

There are two main reasons. First, the email sent from your system to your customers contains lots of important confidential information, so only encryption can ensure the security of the confidential information. Your customer's confidential information leak in your sent email will not only bring problem and loss to your customer, but also bring security risk to your system.

Second, the need to protect user account security. Nowadays, many Internet service accounts are bound to email, and the usual process for finding forgotten passwords is to send an email to the mailbox to retrieve the password. This makes the security of the email account very important, and if the email account password is compromised, the associated service account password will be illegally modified together. However, if the service provider's reset password email is sent by calling the MeSince API to send an encrypted email to the users, even if the user's email account password is compromised or stolen, it cannot be decrypted under the protection of encrypting certificate protection password. User's accounts are still secure, and account passwords and other information cannot be illegally modified.

For your system security and user account security, it is strongly recommended that you begin the process of transforming the system as soon as possible, and all emails sent to users will be changed from plaintext email to encrypted email to protect user's security and protect valuable user resources and important assets.

3. How do we change our mail system for sending bills to support sending encrypted emails?

+

A slight change will do. You only need to modify your mail application to support certificate signature and encryption, which includes first calling MeSince's API to obtain user's public keys and modify the system to send encrypted email. If you are not sure how to do it, please refer to the source code we provide for you.

4. While I believe it is of great significance for bank bills to be sent via encrypted emails, there is still concern that receivers may not be able to open the emails because MeSince might not be that commonly used. Do you think it is time for emailing encrypted bills now?

+

You can send a plaintext email to tell your clients how to open an encrypted email before sending encrypted emails (HSBC is doing so). In fact, your clients can read encrypted emails as soon as they install MeSince APP. As there is no barrier to users, it is not necessary to wait for its being commonly used, because after all, account security and client privacy should be placed on the first position.

5. MeSince API is free together with two V3 identity certificates as a present. Is there any fee when we use the API?

+

The API service is FREE, and the two V3 identity certificates are also FREE, no other cost.

6. We are sending bills in PDF file. Why do you recommend adding a digital signature? Are there any advantages?

+

Adding a digital signature clearly provides organization information so that bill receivers will be sure that it is not a fake one. Meanwhile, it is an effective way to protect the information from tampering and makes sure that the document has legal force. In addition, it is better to add a timestamp to the signature, as we always recommend, the signing time will be legally trusted.

7. While certainly it is beneficial to encrypt verification code, but it requires receivers to have MeSince installed in their phone. What if they do not have MeSince in their phones? Any suggestion?

+

You can call the MeSince API to check whether receivers have already installed MeSince in their phone, and if they haven't done yet, you can send them a plaintext email to tell them to install MeSince for higher security. You may consider carrying it out in a phase-in process. That is, you can send verification code via MeSince to those who have already installed and send SMS to those who haven't, with a recommendation to install MeSince for higher security.

8. Can you briefly describe what special advantages can be achieved by using encrypted mail instead of telephone customer service?

+

There are several shortcomings of telephone Customer Service: 1. line busy or nobody answer; 2. It does not support screenshot, which is quite necessary for those who are using online banking; 3. telephone charge is high for customers and telephone trunks also cost a lot.

Using MeSince, no one must call or wait for answering. A screenshot of anything sent via MeSince and a reply of solution from service provider via MeSince, which improves efficiency and lowers the cost for both sides. More importantly, messages from both customer and customer service are signed and encrypted, which confirms identity and protects privacy.

9. How can we effectively and accurately know the customer's real identity if MeSince is used to provide online customer service?

+

Using MeSince as customer service tool requires first verifying user's email account to make sure that they can receive email. Meanwhile service provider can validate the user's identity bind with email. For those application systems that have higher requirement on identity information, service provider can require customer to apply the individual validation or organization validation. It is a guarantee of the user's real identity and protection to user's privacy. When these two factors are guaranteed, multiple businesses can be operated between service providers and customers, which also improves the efficiency.

10. Is it free to submit public key to MeSince database? Is it limited to individual or organization?

+

MeSince Certificate Database is freely opened to individual and organization. Of course, it's free. If you want everybody to easily obtain your public key, don't hesitate to submit it to the Database. Note: you don't have to submit your public keys if you are using MeSince, because MeSince automatically submits your public keys to the Database.

If you are a public trusted CA or other email client developer, please contact us. You can integrate our public key searching API after finishing identity validation within one work day.

11. MeSince provides CA and KM service by default. Why does it allow other CA and KM to get involved? Is it charged?

+

There are two main reasons:The 1st Reason:

The vision of MeSince is that "Encrypt all information, protect online privacy". Such a lofty vision requires efforts from all parties. MeSince has spent 3 years in developing the product, with the hope that it can cooperate with CAs from all over the world in offering "S/MIME only" service, to protect confidential information for global internet users. A third CA will not have to invest anything in research and development, but can use the readily CA and KM system to provide email encryption for its customers, which also can be a new profit growth point.

The 2st Reason:

Some big entities, especially government, army, big enterprise, all have high requirement on security of the private key. Those who want to offer keys of encrypting certificate and to enhance their key management can use their own KM system. They only need to rely on MeSince for issuing subscriber certificates. Or, they can also set up their own CA system, issue the certificates themselves as well.

For third party KM and CA who want to incorporate MeSince, a customized MeSince version will be needed. The API URL for retrieving certificates in MeSince need to be modified, otherwise the certificates will be retrieved through default CA and KM. MeSince changes fee on customizing MeSince APP and the customized APP will be named by "MeSince ABC Version" for ABC company.

12. Our company only cares more on the security of encryption private key, but we don't have a KM system. Is it possible to buy one from you?

+

Yes, we provide KM system. It is a plug-and-play device. As for the price, please contact us and we will give you advice according to your user volumes. And please refer the related solution.

13. Our company has both CA and KM system. How can we incorporate MeSince system?

+

We will provide you document and test system. As long as the customized MeSince retrieves certificate successfully from your system, the incorporation succeeds. If your users limit to a dedicated domain name, you don't need a customized MeSince APP. We can redirect such users to retrieve keys from you.

14. We are a public CA and have our own KM system. How can we incorporate MeSince system?

+

We will provide you document and test system. As long as the customized MeSince retrieves certificate successfully from your system, the incorporation succeeds.

15. We are a public CA and only want MeSince to trust certificates we issue. What should we do?

+

In this case, there is no need for CA or KM incorporation. You only need to apply for our MeSince Trusted Root CA Program.

MeSince Trusted Root CA Program will be open for all CA in the world. CAs that meets the requirements can apply for our Program and MeSince users who import certificate issued by these CA can be trusted by MeSince and their validation level will be displayed. Details will be released at a proper time.

If you still have any other questions, please visit User's Forum, you may find the right answer promptly. Or submit your question in the Forum, we will answer your question ASAP.